Cyber Attack on Pakistani Bank Incurs $6 Million Loss

Pakistan suffered the biggest cyber attack in its history, as hackers used stolen card information to nab $6 million from the accounts of Bank Islami’s clients.

Cyber Attack on Pakistani Bank Incurs $6 Million Loss
Hackers stole card information to illegally transfer money from Pakistan’s bank Islami

As hackers discover ingenious ways to bypass the cybersecurity set up by government and financial institutions, cybercrimes are at an all-time high. Along with massive data breaches for internet giants like Google, Facebook, and Yahoo, hackers have also broken into the healthcare databases of UK and Singapore. As cyber terrorism becomes a routine occurrence, governments around the world struggle to discover novel ways to fight back. Now, Pakistan has become the latest victim of one such incident.

On 27th October, 2018, the Karachi-based Bank Islami confirmed that it had suffered a security breach that resulted from an earlier theft of payment card information. The bank’s internal security system identified “abnormal transactions’ coming from Pakistani debit cards from outside the country’s borders – allowing them to identify the breach. A few of Bank Islami’s clients have also reported to received notifications stating that their accounts have been accessed from countries such as Russia, U.S., and Brazil.

In the wake of the news, Bank Islami shut down all international transactions to half the process. The State Bank of Pakistan also alerted every other bank in the country to suspend any ongoing transactions and temporarily shut down all ATM transactions conducted with any Pakistani debit card.

The actions, however, were a little too late. According to international payment schemes, hackers managed to steal around $6 million – making it one of the biggest cyber attack in the history of the nation. Bank Islami, however, has refuted the claims. Their own investigations have claimed that illegal transactions amounted to around $20,000.

According to their official statement, Bank Islami suspects that the breach was a “coordinated cyber attack”. Hackers obtained digital copies of credit and debit card information and conducted illegal transactions from the U.S. and Brazil. According to some, the data of Bank Islami customers, including account numbers and debit card pins, are now being sold on the Dark Web.

The media has criticized the State Bank of Pakistan for its negligence in not coming down hard on other banks for not complying with International Banking Security Standards. Earlier, in December 2017, Habib Bank Ltd was also affected by a similar kind of attack. Although international transactions have not yet been restored, the bank is confident about restoring them, once the risk of unauthorized access if completely mitigated. Meanwhile, Pakistani customers can reportedly use their cards in ATM and other POS payment outlets.

The Bank Islami hack is the latest incident in a string of cyber crimes being committed against organizations off late. In a world where the presence of adequate security protocols is not enough to deter hackers, the lack of security standards by Bank Islami made it an easy target to hack into. While organizations develop novel cybersecurity measures to keep such hacking at bay, its imperative that banks comply with the international standard to prevent future breaches.